I'm in the process of trying to keep several Ubuntu boxes up to date and patched (10.4.2 LTS). One suggestion I've been getting is setting up unattended upgrades (https://help.ubuntu.com/community/AutomaticSecurityUpdates).

In the past I've been against setting up automatic updates, mainly due to paranoia that it will break something during the update process. However, now I'm starting to question how valid this is (and how much of a risk it is compared to having potentially unpatched servers). Is this a sane idea?

We are also in the process of setting up Puppet, however the creation of modules/migration of servers to Puppet seems a long way away.

2 Answers

I've had Ubuntu package updates wreak serious havoc in the recent past, so my recommendation would be to manually deploy the packages at this point (after some testing or at least a VM snapshot), with something like apticron to send you an email about pending patches.

That said, a central update management tool would be far better. Unfortunately, there doesn't seem to have been much progress.

When you had problems, can you confirm they were on an Ubuntu server, and not a desktop? Also, did you have a problem with a security update or a standard update?
– Mark Stosberg Jun 12 '12 at 18:58


@MarkStosberg I can't remember exactly what package update problem it was that I ran into around this time last year. I want to say it was an update to the likewise-open package that broke authentication; not sure if it was a security update or not. But yes, definitely on servers, not desktops.
– Shane Madden ♦ Jun 12 '12 at 19:28

I think it depends on your situation - you have to weigh up the risks.

How much damage could be caused by an update going awry? Is this a production server processing orders in realtime? Would an hour of down-time cost you a lot of money?

If you don't run automatic updates you're more exposed to hackers and zero-day exploits. How much damage could a hacker do? Is your server host to a lot of very sensitive information that, if stolen, could cost you a lot more than a couple of hours of down time?

Personally, I err on the side of security and run unattended-upgrades. But to minimise the potential of an update screwing up, I only do security updates, and I do the remaining updates manually.

I think if an update is going to screw up, it's unlikely that I'll notice until the machine has been rebooted, in which case whether the update was installed manually or automatically makes no difference.
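The "security pocket only, everything else by hand" setup this answer describes, as an added example that is not part of the original answer: a function that writes the unattended-upgrades configuration with only the security origin enabled, plus a check that fails if any non-security origin has been uncommented. It assumes Ubuntu 10.04 (lucid), the `"Ubuntu lucid-security"` origin spelling of that release's config file, and that the `Unattended-Upgrade::Mail` option is available; the target directory is a parameter so it can be dry-run outside /etc.

```shell
#!/bin/sh
# Write an unattended-upgrades configuration that installs only the
# security pocket, and verify that no other origin is enabled.
# Assumes lucid-era origin syntax ("Ubuntu lucid-security").

# Usage: write_security_only_config [config_dir] [codename] [mailto]
write_security_only_config() {
    dir="${1:-/etc/apt/apt.conf.d}"
    codename="${2:-lucid}"
    mailto="${3:-root}"

    # Only -security is enabled; -updates stays commented out so that
    # non-security packages are still installed by hand after testing.
    cat > "$dir/50unattended-upgrades" <<EOF
Unattended-Upgrade::Allowed-Origins {
    "Ubuntu ${codename}-security";
//  "Ubuntu ${codename}-updates";
};
// Mail a report of every run so a broken upgrade is noticed early
// (option name assumed to exist on this release).
Unattended-Upgrade::Mail "${mailto}";
EOF

    # Periodic hooks: refresh the package lists and run the upgrade daily.
    cat > "$dir/10periodic" <<EOF
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "1";
EOF
}

# Returns 0 when every uncommented Allowed-Origins entry ends in
# "-security", 1 otherwise (an -updates or -proposed origin is enabled).
check_security_only() {
    file="${1:-/etc/apt/apt.conf.d/50unattended-upgrades}"
    # Extract quoted origins from uncommented lines ("//" lines do not
    # start with a quote, so they are skipped), then look for any origin
    # that is not a security pocket.
    bad=$(sed -n 's#^[[:space:]]*"\([^"]*\)";.*#\1#p' "$file" \
          | grep -v -- '-security$' || true)
    [ -z "$bad" ]
}
```

Run `check_security_only` from cron or a config-management check so a later edit that enables `-updates` is caught rather than silently widening what gets installed unattended.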